Antivirus Alert with PlexMediaServer-1.25.8.5663-e071c3d62-x86_64_DSM7

Hi everyone,

Did someone experiences Malewarebytes alert when browsing Plex’s webclient with last update PlexMediaServer-1.25.8.5663-e071c3d62-x86_64_DSM7 ?

My case:
Since installing last update, when I’m browsing webclient on 192.168.xx.xx:32400/web/index.html#!/
Malewarebytes send alerts as:

-Log Details-
Protection Event Date: 24/03/2022
Protection Event Time: 20:22
Log File: ae8791c4-aba7-11ec-9e4d-dc41a9aa2917.json

-Software Information-
Version: 4.5.6.180
Components Version: 1.0.1634
Update Package Version: 1.0.52800
License: Premium

-System Information-
OS: Windows 10 (Build 19044.1586)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, C:\Program Files\Google\Chrome\Application\chrome.exe, Blocked, -1, -1, 0.0.0, ,

-Website Data-
Category: Compromised
Domain: 5-62-20-53.84451d592b574aa1a3e99b037db4b976.plex.direct
IP Address: 5.62.20.53
Port: 32400
Type: Outbound
File: C:\Program Files\Google\Chrome\Application\chrome.exe
(end)

Someone has the same?
Best

That looks like it is trying to block CORS or XSS. Possibly this Cross-site scripting (XSS) | Malwarebytes Labs | Glossary

The domain it is saying is compromised is the the secure connection URL to your server.

More info on how secure connections work How to Use Secure Server Connections | Plex Support

There are also places what have just classified some Plex URLs as piracy. Pretty sure that Comcast/xfinity if you enable their “safe browsing” features will still block some plex urls like plex.direct

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.